matlock.ca // THREAT INTELLIGENCE — 2024-10-03

82Articles

9Categories

2024-10-03Date

🚨

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber AttacksThe Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog. This vulnerability, CVE-2024-29824, affects Ivanti Endpoint Manager (EPM) and has become a target for cybercriminals using…

KEVGBHACKERS.COM — 03 Oct 2024

🚨

Critical Ivanti flaw finds in-the-wild RCE despite available patchesThe US Cybersecurity and Infrastructure Security Agency (CISA) has warned Ivanti customers of active exploitation of a critical Endpoint Manager (EPM) vulnerability allowing remote code execution (RCE) that the company fixed in May 2024. Tracked as CVE-2024-29824 , the flaw is an…

KEVCSOONLINE.COM — 03 Oct 2024

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-45519 Synacor Zimbra Collaboration Command Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicio…

KEVCISA.GOV — Thu, 03 Oct 24 1

🐛

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

KEVTHEHACKERNEWS.COM — 03 Oct 2024

🐛

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

GBHACKERS.COM — 03 Oct 2024

🐛

Chromium: CVE-2024-7025 Integer overflow in Layout

MSRC.MICROSOFT.COM — 03 Oct 2024

🐛

Chromium: CVE-2024-9369 Insufficient data validation in Mojo

MSRC.MICROSOFT.COM — 03 Oct 2024

🐛

Chromium: CVE-2024-9370 Inappropriate implementation in V8

MSRC.MICROSOFT.COM — 03 Oct 2024

⚠️

AI could provide the cyber-risk crystal ball every CISO needs

CSOONLINE.COM — 03 Oct 2024

⚠️

LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort

THEHACKERNEWS.COM — 03 Oct 2024

⚠️

Weird Zimbra Vulnerability

SCHNEIER.COM — 2024-10-03

⚠️

Meta partners with banks in the UK to combat online scams

CSOONLINE.COM — 03 Oct 2024

⚠️

When CUPS Runneth Over: The Threat of DDoS

SH.ITJUST.WORKS — 3 Oct 2024

⚠️

Telegram revealed it shared U.S. user data with law enforcement

SH.ITJUST.WORKS — 3 Oct 2024

⚠️

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

SH.ITJUST.WORKS — 3 Oct 2024

⚠️

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

KREBSONSECURITY.COM — 03 Oct 2024

⚠️

Tick tock.. Operation Cronos arrests more LockBit ransomware gang suspects

TRIPWIRE.COM — 03 Oct 2024

⚠️

Ivanti EPM Vulnerability Exploited In The Wild

KEVPACKETSTORMSECURITY.COM — 03 Oct 2024

⚠️

Zero-Day Breach At Rackspace Sparks Vendor Blame Game

PACKETSTORMSECURITY.COM — 03 Oct 2024

⚠️

14 DrayTek Vulns Patched, Including RCE Flaw

PACKETSTORMSECURITY.COM — 03 Oct 2024

⚠️

CISA issues warning about another Ivanti flaw under active attack

TECHCRUNCH.COM — 03 Oct 2024

⚠️

CISA Releases Three Industrial Control Systems Advisories

CISA.GOV — Thu, 03 Oct 24 1

⚠️

Fix for BGP routing insecurity ‘plagued by software vulnerabilities’ of its own, researchers find

NETWORKWORLD.COM — 03 Oct 2024

⚠️

DDoS attacks are increasingly targeting critical infrastructure

CSOONLINE.COM — 03 Oct 2024

⚠️

Analyzing Malware at Scale - John Hammond - PSW #845

YOUTUBE.COM — 2024-10-03

⚠️

Pixel's Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems

KEVSECURITY.GOOGLEBLOG.COM — 2024-10-03

⚠️

Evaluating Mitigations & Vulnerabilities in Chrome

SECURITY.GOOGLEBLOG.COM — 2024-10-03

⚠️

Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks

BLEEPINGCOMPUTER.COM — 03 Oct 2024

⚠️

Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks

THEHACKERNEWS.COM — 03 Oct 2024

⚠️

Breach Roundup: AI 'Nudify' Sites Serve Malware

DATABREACHTODAY.CO.UK — 2024-10-03

⚠️

Recently patched CUPS flaw can be used to amplify DDoS attacks

BLEEPINGCOMPUTER.COM — 03 Oct 2024

📋

Tor Browser 13.5.6 Released – What’s New!

GBHACKERS.COM — 03 Oct 2024

📢

Make OT networks a priority, say nine national security agencies

CSOONLINE.COM — 03 Oct 2024

📢

Doppler Launches ‘Change Requests’ to Strengthen Secrets Management Security with Audited Approvals

GBHACKERS.COM — 03 Oct 2024

📢

Drupal security advisory (AV24-559)

CYBER.GC.CA — 2024-10-03

📢

Global Cybersecurity Agencies Release OT Security Guidelines

DATABREACHTODAY.CO.UK — 2024-10-03

📢

ENISA 2024: Ransomware and AI Are Posing New Cyberthreats

DATABREACHTODAY.CO.UK — 2024-10-03

📢

CISA Preparing to Assess Federal Zero Trust Progress

DATABREACHTODAY.CO.UK — 2024-10-03

🔥

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

GBHACKERS.COM — 03 Oct 2024

🔥

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

THEHACKERNEWS.COM — 03 Oct 2024

🔥

New VPN Credential Attack Goes to Great Lengths to Obtain Access

KNOWBE4.COM — 03 Oct 2024

🔥

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

SH.ITJUST.WORKS — 3 Oct 2024

🔥

Dutch Police: ‘State actor’ likely behind recent data breach

BLEEPINGCOMPUTER.COM — 03 Oct 2024

🔥

China-Backed APT Group Culling Thai Government Data

SH.ITJUST.WORKS — 3 Oct 2024

🔥

600,000 Prison Inmates to Share in $6.49M Breach Settlement

DATABREACHTODAY.CO.UK — 2024-10-03

🕵️

Meta smart glasses can be used to dox anyone in seconds, study finds

SH.ITJUST.WORKS — 3 Oct 2024

🕵️

Kickstart Your DShield Honeypot [Guest Diary], (Thu, Oct 3rd)

ISC.SANS.EDU — 03 Oct 2024

🕵️

ISC Stormcast For Thursday, October 3rd, 2024 https://isc.sans.edu/podcastdetail/9164, (Thu, Oct 3rd)

ISC.SANS.EDU — 03 Oct 2024

🕵️

ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats

GBHACKERS.COM — 03 Oct 2024

🕵️

FIN7 Gang Hides Malware in AI “Deepnude” Sites

SH.ITJUST.WORKS — 3 Oct 2024

🕵️

North Korea Profits as 'Stonefly' APT Swarms US Co's.

SH.ITJUST.WORKS — 3 Oct 2024

🕵️

Trends: Hardware gets AI updates in 2024

SECURITYINTELLIGENCE.COM — 03 Oct 2024

🕵️

CIA Seeks Informants In North Korea, Iran, And China

PACKETSTORMSECURITY.COM — 03 Oct 2024

🕵️

Millions of Enterprises at Risk: SquareX Shows How Malicious Extensions Bypass Google’s MV3 Restrictions

GBHACKERS.COM — 03 Oct 2024

🕵️

Webinar Announcement: Attack Surface Management to the Rescue – Find, Fix, Fortify Your ASM with Criminal IP

GBHACKERS.COM — 03 Oct 2024

🕵️

Quantum Breakthroughs Drive New Encryption Strategies

DATABREACHTODAY.CO.UK — 2024-10-03

🕵️

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

KNOWBE4.COM — 03 Oct 2024

🕵️

Don’t Put Real Answers Into Your Password Reset Questions

KNOWBE4.COM — 03 Oct 2024

🕵️

News alert: Upcoming webinar highlights threat mitigation, fortifying ‘ASM’ with Criminal IP

LASTWATCHDOG.COM — 03 Oct 2024

🕵️

Linux malware “perfctl” behind years-long cryptomining campaign

SH.ITJUST.WORKS — 3 Oct 2024

🕵️

Cryptohack Roundup: Guilty Plea in $37M Theft Case

DATABREACHTODAY.CO.UK — 2024-10-03

🕵️

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

LASTWATCHDOG.COM — 03 Oct 2024

🕵️

News alert: Doppler fortifies ‘secrets management’ with Change Requests auditable approval feature

LASTWATCHDOG.COM — 03 Oct 2024

🕵️

US, Microsoft Seize Domains Used in Russian Spear-Phishing

DATABREACHTODAY.CO.UK — 2024-10-03

🕵️

A Leader in 2024 Forrester Enterprise Firewall Solutions Wave

PALOALTONETWORKS.COM — 03 Oct 2024

🕵️

CyberRiskTV Live Coverage from Oktane 2024 - Day 2

YOUTUBE.COM — 2024-10-03

🕵️

CyberRiskTV Live Coverage from Oktane 2024 - Day 1

YOUTUBE.COM — 2024-10-03

🌐

Linux malware “perfctl” behind years-long cryptomining campaign

BLEEPINGCOMPUTER.COM — 03 Oct 2024

🌐

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

THEHACKERNEWS.COM — 03 Oct 2024

📡

Rogue AI: What the Security Community is Missing

TRENDMICRO.COM — 03 Oct 2024

📡

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

THEHACKERNEWS.COM — 03 Oct 2024

📡

Joint guidance on the principles of operational technology cyber security

CYBER.GC.CA — 2024-10-03

📡

Ransowmare Crew Infects 100+ Orgs Monthly With New MedusaLocker Variant

PACKETSTORMSECURITY.COM — 03 Oct 2024

📡

Differential fuzzing for cryptography

QUARKSLAB.COM — 2024-10-03

📡

Why your password policy should include a custom dictionary

BLEEPINGCOMPUTER.COM — 03 Oct 2024

📡

The Secret Weakness Execs Are Overlooking: Non-Human Identities

THEHACKERNEWS.COM — 03 Oct 2024

📡

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

BLEEPINGCOMPUTER.COM — 03 Oct 2024

📡

Fraudsters imprisoned for scamming Apple out of 6,000 iPhones

BLEEPINGCOMPUTER.COM — 03 Oct 2024

📡

How to snoop on what an Apple Vision Pro user is typing | Kaspersky official blog

KASPERSKY.COM — 03 Oct 2024

📡

Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure

BLEEPINGCOMPUTER.COM — 03 Oct 2024

📡

‘Pig butchering’ trading apps found on Google Play, App Store

BLEEPINGCOMPUTER.COM — 03 Oct 2024

📡

Why your password policy should include a custom dictionary wordlist

BLEEPINGCOMPUTER.COM — 03 Oct 2024